Re: [MMUSIC] Re: ADs - Re: Status ofdraft-ietf-mmusic-sdescriptions-12.txt?
Mark Baugher <mbaugher@cisco.com> Wed, 08 February 2006 22:12 UTC
Received: from localhost.cnri.reston.va.us ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1F6xYE-0008QL-C0; Wed, 08 Feb 2006 17:12:38 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1F6xYC-0008Lt-5S for mmusic@megatron.ietf.org; Wed, 08 Feb 2006 17:12:36 -0500
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA08700 for <mmusic@ietf.org>; Wed, 8 Feb 2006 17:10:45 -0500 (EST)
Received: from sj-iport-5.cisco.com ([171.68.10.87]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1F6xkj-0008JK-3M for mmusic@ietf.org; Wed, 08 Feb 2006 17:25:34 -0500
Received: from sj-core-2.cisco.com ([171.71.177.254]) by sj-iport-5.cisco.com with ESMTP; 08 Feb 2006 14:12:17 -0800
X-IronPort-AV: i="4.02,98,1139212800"; d="scan'208"; a="254382301:sNHT34769908"
Received: from xbh-sjc-211.amer.cisco.com (xbh-sjc-211.cisco.com [171.70.151.144]) by sj-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id k18MCBWJ006488; Wed, 8 Feb 2006 14:12:16 -0800 (PST)
Received: from xfe-sjc-211.amer.cisco.com ([171.70.151.174]) by xbh-sjc-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.211); Wed, 8 Feb 2006 14:12:16 -0800
Received: from [192.168.0.10] ([10.21.145.25]) by xfe-sjc-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.211); Wed, 8 Feb 2006 14:12:15 -0800
In-Reply-To: <011801c62cf1$eafbd170$60c8000a@acmepacket.com>
References: <011801c62cf1$eafbd170$60c8000a@acmepacket.com>
Mime-Version: 1.0 (Apple Message framework v746.2)
Content-Type: text/plain; charset="US-ASCII"; delsp="yes"; format="flowed"
Message-Id: <75FF3DAE-D1C4-4BCD-8A3B-9ABE302B03BA@cisco.com>
Content-Transfer-Encoding: 7bit
From: Mark Baugher <mbaugher@cisco.com>
Subject: Re: [MMUSIC] Re: ADs - Re: Status ofdraft-ietf-mmusic-sdescriptions-12.txt?
Date: Wed, 08 Feb 2006 14:12:14 -0800
To: Hadriel Kaplan <HKaplan@acmepacket.com>
X-Mailer: Apple Mail (2.746.2)
X-OriginalArrivalTime: 08 Feb 2006 22:12:15.0396 (UTC) FILETIME=[B7D13640:01C62CFC]
X-Spam-Score: 0.0 (/)
X-Scan-Signature: f66b12316365a3fe519e75911daf28a8
Content-Transfer-Encoding: 7bit
Cc: 'Flemming Andreasen' <fandreas@cisco.com>, 'Dan Wing' <dwing@cisco.com>, mmusic@ietf.org, 'Jon Peterson' <jon.peterson@neustar.biz>, 'Allison Mankin' <mankin@psg.com>, 'Brian E Carpenter' <brc@zurich.ibm.com>, 'Colin Perkins' <csp@csperkins.org>, 'Joerg Ott' <jo@acm.org>
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
Sender: mmusic-bounces@ietf.org
Errors-To: mmusic-bounces@ietf.org
On Feb 8, 2006, at 12:54 PM, Hadriel Kaplan wrote: > Comments inline... > >> -----Original Message----- >> From: Mark Baugher [mailto:mbaugher@cisco.com] >> Sent: Wednesday, February 08, 2006 2:15 PM >> To: Hadriel Kaplan >> Cc: mmusic@ietf.org; 'Flemming Andreasen'; 'Dan Wing'; 'Jon >> Peterson'; >> 'Allison Mankin'; 'Brian E Carpenter'; 'Colin Perkins'; 'Joerg Ott' >> Subject: Re: [MMUSIC] Re: ADs - Re: Status ofdraft-ietf-mmusic- >> sdescriptions-12.txt? >> What you say is correct and thanks for the clarification. My point >> is that it is not simply a matter of handing a bidirectional master >> key or a second, unidirectional master key to the receiver for >> sending its media so long as multiple offers are possible. The real >> problem to the problem of early commencement of media is the presence >> of multiple offers in the SDP message not the way a key is sent. > > But doesn't that problem get solved with unique MKIs? In the way > draft-wing-mmusic-sdes-early-media-00.txt handles it, or at least > that's how > I read it. I think it's tricky to use MKIs in this way. > >>> the sdes offerer sent the keys for transmitting media, instead of >>> the ones >>> for receive-side as it does with everything else in SDP. >> >> I'm not sure what you mean by "as it does with everything else in >> SDP." There are recvonly, sendonly and sendrecv attributes in SDP >> for specifying direction semantics. In the earliest versions of SDP > > Yup, sorry meant it more in the sense that when you make the offer > you're > saying you can immediately receive any of the offered codecs at the > offered > ports. (ie, with respect to early media) A nit really. I see your point. We chose to treat keys differently than codecs for the reasons I mentioned in my previous note. > >> So why not have the SDP offerer offer two keys? The quality of the >> encryption is greatly affected by the randomness of the key. When >> creating keys, it is best to have each side add some randomness in >> the key derivation as is commonly done in pairwise key establishment >> protocols. This is not possible for groups and sdesc needs to >> support groups. Supplying an encryption key to the receiver is risky >> because in some protocols, such as SIP, the supplied key is handed to >> a group of receivers when forking occurs, thus raising the >> probability of SSRC collision. The next best thing IMHO is to at >> least allow a sender to ensure the quality of a key for *its* data by >> supplying the decryption key for its data. I'm not religious about >> this point. If supplying the encryption key (rather than or in >> addition to the decryption key) to the receiver solved the problem >> described above, I'd personally support that. But it doesn't. > > I was waiting for that, so I could say wouldn't that also apply to > draft-wing-mmusic-sdes-early-media-00.txt, since the draft allows the > offerer to tell the answerer both keys? I think it's fine to pass both keys to mitigate the problem of sending media before the answer is received. > But thinking about this more, I > guess having both ways lets the market choose, which is preferred. > > As to the overlapping SSRC problem with an offered key, I think the > risk of > that happening, and happening for long enough to be cracked (in > practical > terms), etc., is outweighed by the usefulness of early media. I agree. > But we'll get > there with the early-media draft, or just by 1xx responses w/SDP, > so problem > solved. :) We can only hope ;-) cheers, Mark > > -hadriel _______________________________________________ mmusic mailing list mmusic@ietf.org https://www1.ietf.org/mailman/listinfo/mmusic
- [MMUSIC] Re: ADs - Re: Status of draft-ietf-mmusi… Mark Baugher
- Re: [MMUSIC] Re: ADs - Re: Status of draft-ietf-m… Colin Perkins
- RE: [MMUSIC] Re: ADs - Re: Status ofdraft-ietf-mm… Hadriel Kaplan
- Re: [MMUSIC] Re: ADs - Re: Status ofdraft-ietf-mm… Mark Baugher
- RE: [MMUSIC] Re: ADs - Re: Status ofdraft-ietf-mm… Hadriel Kaplan
- Re: [MMUSIC] Re: ADs - Re: Status ofdraft-ietf-mm… Mark Baugher